Appl. No. 10/705,212 PATENT 

Amdt. dated June 25, 2007 

Reply to Office Action of March 23, 2007 

Amendments to the Claims: 

This listing of claims will replace all prior versions, and listings of claims in the application: 
Listing of Claims: 

Claim 1 . (Currently Amended) An electronic commerce card authentication 
system comprising: 

a central transaction server adapted to: 

receive an authentication request from a cardholder system; 

forward the authentication request to an access control server; 

relay authentication information between the access control server and the 

cardholder system; 

receive an authentication response from the access control server; and 
forward the authentication response to the cardholder system,. 
wherein the central transaction server is adapted to initiate a payment request 

process . 

Claim 2. (Original) The electronic commerce card authentication system of claim 
1, wherein the authentication response is adapted to be analyzed by a merchant system. 

Claim 3. (Original) The electronic commerce card authentication system of claim 
1, wherein the central transaction server is adapted to forward a copy of the authentication 
response to an authentication history server to be archived. 

Claim 4. (Original) The electronic commerce card authentication system of claim 
1, wherein the central transaction server is further adapted to receive a verifying enrollment 
request from a directory server, and to send a verifying enrollment response to the directory 
server. 
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Claim 5. (Original) The electronic commerce card authentication system of claim 
4, wherein the central transaction server is adapted to send the verifying enrollment response in 
response to a query to the access control server. 

Claim 6. (Original) The electronic commerce card authentication system of claim 
4, wherein the central transaction server is adapted to send the verifying enrollment response to 
the directory server with or without querying the access control server, and is further adapted to 
query the access control server in response to receiving an authentication request. 

Claim 7. (Original) The electronic commerce card authentication system of claim 
1, wherein the authentication request includes a pseudonym corresponding to an electronic 
commerce card account number and previously created by the central transaction server. 

Claim 8. (Original) The electronic commerce card authentication system of claim 
1, wherein the authentication request includes a pseudonym previously created by a merchant 
system that corresponds to an electronic commerce card account number. 

Claim 9. (Canceled). 

Claim 10. (Currently Amended) A method of authenticating electronic commerce 
card information provided by a cardholder, the method comprising: 

receiving an authentication request from a cardholder system; 

forwarding the authentication request to an access control server; 

relaying authentication information between the access control server and the 
cardholder system; 

receiving an authentication response from the access control server; and 

forwarding the authentication response to the cardholder system ; and 

initiating a payment request process . 
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Claim 11. (Original) The method of claim 10, wherein the authentication 
response is adapted to be analyzed by a merchant system. 

Claim 12. (Original) The method of claim 10, further comprising forwarding a 
copy of the authentication response to an authentication history server to be archived. 

Claim 13. (Original) The method of claim 10, further comprising receiving a 
verifying enrollment request from a directory server, and sending a verifying enrollment 
response to the directory server. 

Claim 14. (Original) The method of claim 13, wherein the verifying enrollment 
response is sent in response to a query to the access control server. 

Claim 15. (Original) The method of claim 13, wherein the verifying enrollment 
response is sent to the directory server without querying the access control server, and further 
comprising querying the access control server in response to receiving an authentication request. 

Claim 16. (Original) The method of claim 10, wherein the authentication request 
includes a pseudonym previously created by the central transaction server that corresponds to an 
electronic commerce card account number. 

Claim 17. (Original) The method of claim 10, wherein the authentication request 
includes a pseudonym previously created by a merchant system that corresponds to an electronic 
commerce card account number. 

Claim 18. (Canceled). 

Claim 19. (Currently Amended) An information storage medium including a set 
of instruction instructions adapted to operate an information processing device to perform a set 
of steps, the set of steps comprising: 

receiving an authentication request from a cardholder system; 
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forwarding the authentication request to an access control server; 
relaying authentication information between the access control server and the 
cardholder system; 

receiving an authentication response from the access control server; and 
forwarding the authentication response to the cardholder system ; and 
initiatinfi a payment request process . 

Claim 20. (Original) The information storage medium of claim 19, wherein the 
authentication response is adapted to be analyzed by a merchant system. 



Claim 21. (Original) The information storage medium of claim 19, wherein the 
set of steps further comprises forwarding a copy of the authentication response to an 
authentication history server to be archived. 



Claim 22. (Original) The information storage medium of claim 19, wherein the 
set of steps further comprises receiving a verifying enrollment request from a directory server, 
and sending a verifying enrollment response to the directory server. 

Claim 23. (Original) The information storage medium of claim 22, wherein the 
verifying enrollment response is sent in response to a query to the access control server. 

Claim 24. (Original) The information storage medium of claim 22, wherein the 
verifying enrollment response is sent to the directory server without querying the access control 
server, and the set of steps further comprise querying the access control server in response to 
receiving an authentication request. 

Claim 25. (Original) The information storage medium of claim 19, wherein the 
authentication request includes a pseudonym previously created by the central transaction server 
that corresponds to an electronic commerce card account number. 
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Claim 26. (Original) The information storage medium of claim 19, wherein the 
authentication request includes a pseudonym previously created by a merchant system that 
corresponds to an electronic commerce card account number. 

Claim 27. (Canceled). 

Claim 28. (Original) The method of claim 14, further comprising: 
receiving the verifying enrollment response from the access control server in 
response to the query; and 

forwarding the verifying enrollment response to the directory server. 

Claim 29. (Original) The method of claim 28, further comprising: 
modifying the verifying enrollment response received from the access control 

server; and 

forwarding the modified verifying enrollment response to the directory server. 
Claim 30. (Original) The information storage medium of claim 22, further 

comprising: 

receiving the verifying enrollment response from the access control server in 
response to the query; and 

forwarding the verifying enrollment response to the directory server. 

Claim 31. (Original) The information storage medium of claim 30, further 

comprising: 

modifying the verifying enrollment response received from the access control 

server; and 

forwarding the modified verifying enrollment response to the directory server. 
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Claim 32. (New) The system of claim 1 wherein the payment request process 
includes a charge request, wherein the charge request is generated by a merchant and is 
subsequently sent to an acquirer. 



Claim 33. (New) The method of claim 10 wherein the payment request process is 
includes a charge request, wherein the charge request is generated by a merchant and is 
subsequently sent to an acquirer. 

Claim 34. (New) A method performed by a central transaction server, the method 

comprising: 

receiving a verifying enrollment request; 

sending the verifying enrollment request to an access control server; 

receiving a verifying enrollment response from the access control server; 

creating an altered verifying enrollment response comprising a pseudonym; 

sending the altered verifying enrollment response to a merchant system, wherein 
the merchant system subsequently sends an authentication request including the pseudonym to a 
holder system; 

receiving the authentication request with the pseudonym from the holder system; 
sending the authentication request with the pseudonym to the access control 

server; 

receiving an authentication response; and 

sending the authentication response to the holder system. 

Claim 35. (New) The method of claim 34 wherein the holder system is a 
cardholder system. 



Claim 36. (New) The method of claim 34 wherein after the authentication 
response is sent to the holder system, the holder system sends the authentication response to the 
merchant system. 
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Claim 37. (New) The method of claim 34 further comprising, after sending the 
authentication response, initiating a payment request process. 
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